0 views collected around this technical thread.
The article analyzes a mysterious production stall caused by a TCP communication bug where the D4 and D5 stages are merged, leading to a mis‑aligned length field that makes the server read an incorrect payload size, and presents two concrete fixes.
The article details a mysterious production stall at 70% caused by a TCP packet length field misalignment when the configuration name is "rabbit‑TD", explains the step‑by‑step investigation using server logs and packet captures, identifies the root cause of the merged D4/D5 packets, and proposes two concrete fixes to correct the length handling.
This guide explains how to use tcpdump on Linux to capture all traffic, filter by IP or port, save to files, read pcap files, and apply advanced filters, while highlighting important security, permission, and storage considerations.
This guide explains how to use tcpdump for capturing and filtering network packets on Linux, covering basic usage, interface selection, host and port filters, protocol-specific captures, combined expressions, limiting capture size, saving to files, and a practical troubleshooting scenario with nginx and Node.js.
This article explains how to visualize and dissect TCP/IP packet structures using Wireshark, walks through each OSI/TCP‑IP layer, and details the fields of the TCP header such as ports, sequence numbers, flags, and checksum, providing a practical understanding of network protocol fundamentals.
This article explains the HTTPS protocol, its security advantages over HTTP, and provides a step‑by‑step Wireshark packet capture and analysis of a test website, covering TCP three‑way handshake, TLS ClientHello/ServerHello, certificate verification, key exchange, and encrypted data transmission.
This guide demonstrates how to use Python's Scapy library to extract IP addresses from PCAP files, sniff usernames and passwords from mail traffic, discover live hosts via SYN packets, launch MAC address table flooding attacks, and conduct ARP spoofing for man‑in‑the‑middle attacks, providing complete code examples.
This article provides a comprehensive technical analysis of the HTTP/2 protocol, detailing its architectural improvements over HTTP/1.1, including HPACK header compression, binary framing, stream multiplexing, and server push, while demonstrating practical packet capture techniques to illustrate its performance optimizations.
The article investigates why MySQL replication reports the error “heartbeat is not compatible with local info” when large transactions exceed the 4 GB limit of the binlog's next_position field, reproduces the issue with a controlled experiment, analyzes packet structures, and proposes practical mitigation strategies.
This article explains the background of Server Load Balancing (SLB), describes its three transmission modes—reverse‑proxy, transparent, and triangular—and provides detailed packet‑level analysis of TCP/HTTP interactions for each mode, highlighting configuration nuances and security considerations.
This article provides a detailed walkthrough of MySQL protocol analysis using Wireshark, covering SSL disabling, packet capture commands, step‑by‑step examination of handshake, authentication, database selection, query execution packets, and an in‑depth look at related source‑code functions and command enums.
This article explains the fundamentals of the ARP (Address Resolution Protocol) and ICMP (Internet Control Message Protocol), describing how they operate in LAN environments, detailing their packet structures, and illustrating their practical use through ping and tracert commands with packet capture analysis.
The paper examines novel TCP reflection DDoS methods that exploit CDN IP ranges and increasingly use pure ACK responses, outlines their handshake‑state behavior, and proposes a per‑connection tracking defense algorithm—implemented in Tencent’s DaYu platform—to detect and mitigate SYN/ACK, ACK, and RST reflection flows without affecting legitimate traffic.
This article introduces the OSI model, IP and UDP protocols, explains the structure of IP and UDP packet headers, demonstrates how to create a simple UDP server and client in Python, and shows how to capture and analyze the traffic with Wireshark.